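    // Declarative pipeline with two stages ('Create test deployment', 'Scan endpoints') that run the
    // downloaded site.yaml playbook with a different paas_ci_test_step each time, followed by a
    // pipeline-level post section that always runs the 'clean' step.
    pipeline {
        agent { label 'docker-paas-agent' }

        environment {
            ORCHENT_AGENT_ACCOUNT = 'infn-cloud'
            ORCHENT_URL = 'https://my.cloud.infn.it/orchestrator'
        }

        stages {
            stage ('Create test deployment') {
                steps {
                    // NOTE(review): PLAYBOOK_URL is not defined in this file (presumably a job parameter or
                    // global variable - confirm). site.yaml is fetched without any integrity check and is
                    // run again in the scan stage with the SSH key and GMP credentials bound, so whoever
                    // controls that URL's content controls code that sees those secrets. Pin the URL to an
                    // immutable revision or verify a known checksum before running it.
                    sh '''#!/bin/bash
                          # With an explicit shebang Jenkins does not add its default -xe flags, so fail fast
                          # here; otherwise a failed download would still go on to run ansible-playbook.
                          set -euo pipefail
                          : "${PLAYBOOK_URL:?PLAYBOOK_URL must be set}"
                          wget -O site.yaml "${PLAYBOOK_URL}"
                          ansible-playbook site.yaml --extra-vars "paas_ci_test_step='create_deployment'"
                    '''
                }
            }
            stage ('Scan endpoints') {
                steps {
                    withCredentials([
                        sshUserPrivateKey(credentialsId: "ssh_scans", keyFileVariable: 'keyfile'),
                        usernamePassword(credentialsId: "jenkins_scans_creds", usernameVariable: 'GMP_USER', passwordVariable: 'GMP_PASSWORD')
                    ]) {
                        // The script is single-quoted, so the bound secrets are expanded by the shell at run
                        // time and never interpolated into the script text by Groovy.
                        // GMP_USER / GMP_PASSWORD are only exported here; presumably the playbook reads them
                        // from the environment - confirm.
                        sh '''#!/bin/bash
                              set -euo pipefail
                              # Copy the bound key to the fixed path with owner-only permissions. This copy
                              # outlives the withCredentials scope; it is deleted in the pipeline-level
                              # post/always block after the clean step.
                              # NOTE(review): if the playbook needs the key only for Ansible connections,
                              # passing --private-key "${keyfile}" would avoid the copy altogether.
                              install -m 0600 "${keyfile}" /home/jenkins/.ssh/id_rsa
                              ansible-playbook site.yaml --extra-vars "paas_ci_test_step='scan'"
                        '''
                    }
                }
                post {
                    failure {
                        // NOTE(review): the report is kept as a build artifact and mailed as an attachment;
                        // it presumably lists scan findings, so confirm that artifact readers and
                        // $DEFAULT_RECIPIENTS are restricted accordingly.
                        archiveArtifacts artifacts: '*report.txt', allowEmptyArchive: true
                        emailext attachmentsPattern: '*report.txt', body: '$DEFAULT_CONTENT', subject: '$PROJECT_NAME - Build # $BUILD_NUMBER: Vulnerabilities detected!', to: '$DEFAULT_RECIPIENTS'
                    }
                }
            }
        }
        post {
            always {
                sh '''#!/bin/bash
                      ansible-playbook site.yaml --extra-vars "paas_ci_test_step='clean'"
                      rc=$?
                      # Remove the private key installed by the scan stage so it does not persist on the
                      # agent between builds; done after the clean step in case that step still needs it.
                      # NOTE(review): anything else on this agent that relied on the leftover key should get
                      # its own credential binding instead.
                      rm -f /home/jenkins/.ssh/id_rsa
                      # Report the clean step's result, not rm's.
                      exit "${rc}"
                '''
            }
            failure {
                script {
                    // Send the default failure mail only when severity.json exists in the workspace.
                    if (fileExists('severity.json')) {
                        emailext body: '$DEFAULT_CONTENT', subject: '$DEFAULT_SUBJECT', to: '$DEFAULT_RECIPIENTS'
                    }
                }
            }
        }
    }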